Tuesday, April 3, 2012

How to implement access control in customized code?

Enterprise beans and data beans are resources that may need to be protected. However, not all enterprise beans and data beans should be protected.

Typically, the question of what to protect comes into play when you create new Enterprise beans and data beans.

Deciding which resources to protect depends on your application.

If a command returns an enterprise bean in the getResources method, then the enterprise bean must be protected, because the ACP manager will call the getOwner() method on the enterprise bean. The fulfills() method will also be called if a relationship is specified in the corresponding resource-level ACP.

If we implement the Protectable interface for all enterprise beans and data beans (increasing the number of policies), performance may degrade.

Primary resources should be protected, but dependent resources often do not require protection. If a user is allowed to access a primary resource, it makes sense that, by default, the user should also be allowed to access its dependent resources.
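
The check described above, as an added example that is not code from the original post or from the product: a protected primary resource, an unprotected dependent resource, and a resource-level policy that consults getOwner() and, only when a relationship is specified, fulfills(). The `Protectable` interface here is a simplified stand-in, and `Order`, `OrderItem`, `ResourcePolicy`, the "creator" relationship, the member IDs and the owner-match rule are all assumptions made for illustration.

```java
import java.util.List;

// Simplified stand-ins written for this example; not the product's own classes.
interface Protectable {
    Long getOwner();                                    // member that owns the resource
    boolean fulfills(Long member, String relationship); // does member hold the relationship?
}

// Primary resource: protected, so it implements Protectable.
class Order implements Protectable {
    private final Long storeOwnerId, creatorId;
    final List<OrderItem> items;                        // dependent resources
    Order(Long storeOwnerId, Long creatorId, List<OrderItem> items) {
        this.storeOwnerId = storeOwnerId; this.creatorId = creatorId; this.items = items;
    }
    public Long getOwner() { return storeOwnerId; }
    public boolean fulfills(Long member, String relationship) {
        return "creator".equals(relationship) && creatorId.equals(member);
    }
}

// Dependent resource: deliberately not Protectable; reached only through its Order.
class OrderItem {
    final String sku;
    OrderItem(String sku) { this.sku = sku; }
}

// Hypothetical resource-level policy: covers resources owned by policyOwner;
// relationship may be null when the policy does not specify one.
class ResourcePolicy {
    final Long policyOwner; final String relationship;
    ResourcePolicy(Long policyOwner, String relationship) {
        this.policyOwner = policyOwner; this.relationship = relationship;
    }
    boolean permits(Long userId, Protectable resource) {
        if (!policyOwner.equals(resource.getOwner())) return false;  // getOwner() is always consulted
        return relationship == null || resource.fulfills(userId, relationship);
    }
}

public class AccessCheckDemo {
    public static void main(String[] args) {
        // Constructed sample data: store owner 10001, order created by member 501.
        Order order = new Order(10001L, 501L, List.of(new OrderItem("SKU-1")));
        ResourcePolicy policy = new ResourcePolicy(10001L, "creator");
        for (Long user : new Long[] {501L, 777L}) {
            // One check on the primary resource also decides access to its items.
            System.out.println(user + (policy.permits(user, order)
                    ? " allowed: " + order.items.get(0).sku : " denied"));
        }
    }
}
```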
